Re: [TLS] TLS interim meeting material
Eric Rescorla <ekr@rtfm.com> Fri, 14 September 2018 16:09 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2F27B130DE8 for <tls@ietfa.amsl.com>; Fri, 14 Sep 2018 09:09:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, T_DKIMWL_WL_MED=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y1mVrDfQFlP1 for <tls@ietfa.amsl.com>; Fri, 14 Sep 2018 09:09:51 -0700 (PDT)
Received: from mail-lj1-x233.google.com (mail-lj1-x233.google.com [IPv6:2a00:1450:4864:20::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B3C96130DE0 for <tls@ietf.org>; Fri, 14 Sep 2018 09:09:50 -0700 (PDT)
Received: by mail-lj1-x233.google.com with SMTP id u83-v6so7946882lje.12 for <tls@ietf.org>; Fri, 14 Sep 2018 09:09:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=GpZnj7j+SFyuD7LIlBSj3VQmDTc69QXEyUwE2tkx3Fo=; b=a54lZIDoGaN+70Kv9CTV5h0ieRgKVr9Y62kPnDzYf12IwqCJBe+xyootsIeLVX4brb JbsEnap1UjlW67I/ngJu7pFWiFTn6BcM5YrXhbPJzYcrm71X26/1TdBfJokOPToeNq0B aYW7Exlg/+OsmiwyVXhqKMS4+n8DlsUVnmtIpg3tnyGmmZPjWmgfrvrwiuECMHGliPf/ 3dNcLujH+MLY0l0b76SNdyxeVx/WkWs8wrPHxTrJSSF0Tv2fzk5C5P3l/vU4ntmVQMHR 4DaOkcWi9dMJODPN41QFSszuWc9qfjVMZbIfg7DY0AWJnEZNuqhKNA2qPA39Q5rwYQJc 0q9Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=GpZnj7j+SFyuD7LIlBSj3VQmDTc69QXEyUwE2tkx3Fo=; b=D/auXZPFMHRQx3dQvxutEy34aNgi5q3ExLemdQlH3URYQOL9IwhNoOtlqQbpXvmMm8 29GsQwJx+mO9zl0h2oMCznGiFtHhPVSgfp+8UdspJH6Iw5BJWej3Xw0GWPJXew4hSgE4 Dq6nE9Yjs5/umkb8vObVrPk2NstRGopKAghhqRaoni7NahQXX0YJHGoL+3LBmORy8Y1n eaVoWf7Rfrqewjh46xFmBu8JCu7PxL0ILlz3g9kdLFBusf+DrvmmBe90y+tSbNQzhCgf 0PVtbM2QIdclj5RgLk67qNU7uYYDcD7waPazR0yHLT1BNKxz7OmADi/HB8G/PgJWogaL md/g==
X-Gm-Message-State: APzg51DKwLs0MYFTDhUxZB2b6UrCyvLoNxM/KUoEJqwbVNcEECEGw0Va rGjRCbcHKsHeduVUeVd+MQM2u6Vydo0ORPnatjIs/Q0m
X-Google-Smtp-Source: ANB0Vdb4xJRjT3nPbbE2L8pnWJVoms+JKhd+B0QZDXMy0bYppX8wcx7VDU9D1+9p6CjzYjXC2vQ5IasDYH16dT23Lc4=
X-Received: by 2002:a2e:9c4d:: with SMTP id t13-v6mr8052387ljj.153.1536941388475; Fri, 14 Sep 2018 09:09:48 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:ab3:498d:0:0:0:0:0 with HTTP; Fri, 14 Sep 2018 09:09:07 -0700 (PDT)
In-Reply-To: <D29B3688-76C6-4A91-9C22-5B0C2601FB19@dukhovni.org>
References: <alpine.LRH.2.21.1809121721300.5141@bofh.nohats.ca> <CAL02cgRfOF1Y_XC-=oPqB59RV97=O9_9BJHg2cE2mx3Rk0m26g@mail.gmail.com> <D29B3688-76C6-4A91-9C22-5B0C2601FB19@dukhovni.org>
From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 14 Sep 2018 09:09:07 -0700
Message-ID: <CABcZeBPS9VAmQnOKJFoMMqzV-FJrMwqZjbjR-RtxcXA56z3vow@mail.gmail.com>
To: "<tls@ietf.org>" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000008045ed0575d70d2d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/X3w2hE9hKIrSAR6KJF5f1eNji_k>
Subject: Re: [TLS] TLS interim meeting material
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Sep 2018 16:09:53 -0000
On Fri, Sep 14, 2018 at 8:33 AM, Viktor Dukhovni <ietf-dane@dukhovni.org> wrote: > I'm afraid the below is a strawman hypothetical. Please stop. > > DNSSEC lookups either return the truth or explicitly > *FAIL*, they don't just return "neutral" results. > In theory perhaps, but as a practical matter, no browser client, at least, can do DNSSEC hard fail, because the rate of organic DNSSEC interference is too high. Indeed, this is the primary reason why DANE over TLS is interesting. -Ekr > As, for example, explained in RFC7672, when TLSA lookups fail the > mail delivery is deferred, and may ultimately bounce if the condition > persists beyond the message queue lifetime. > > The same is repeated in RFC7673: > > https://tools.ietf.org/html/rfc7673#section-3.4 > > o If the TLSA response is "bogus" or "indeterminate" (or the lookup > fails for reasons other than no records), then the client MUST NOT > connect to the target server (the client can still use other SRV > targets). > > Indeed in RFC6698 (base DANE specification) the state machine in Appendix > B.2 > is: > > https://tools.ietf.org/html/rfc6698#appendix-B.2 > > (TLSArecords, ValState) = DNSSECValidatedLookup( > domainname=_[port]._[transport].[name], RRtype=TLSA) > > // check for states that would change processing > if (ValState == BOGUS) { > Finish(ABORT_TLS) > } > if ((ValState == INDETERMINATE) or (ValState == INSECURE)) { > Finish(NO_TLSA) > } > // if here, ValState must be SECURE > > ... > > > On Sep 14, 2018, at 11:18 AM, Richard Barnes <rlb@ipv.sx> wrote: > > > > One other bit of context here: DANE itself doesn't prevent these > "downgrade" attacks in its native form, to say nothing of TLS. > > This is simply false. > > -- > Viktor. > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
- [TLS] TLS interim meeting material Paul Wouters
- Re: [TLS] TLS interim meeting material Richard Barnes
- Re: [TLS] TLS interim meeting material Paul Wouters
- Re: [TLS] TLS interim meeting material Richard Barnes
- Re: [TLS] TLS interim meeting material Paul Wouters
- Re: [TLS] TLS interim meeting material Viktor Dukhovni
- Re: [TLS] TLS interim meeting material Richard Barnes
- Re: [TLS] TLS interim meeting material Viktor Dukhovni
- Re: [TLS] TLS interim meeting material Eric Rescorla
- Re: [TLS] TLS interim meeting material Salz, Rich
- Re: [TLS] TLS interim meeting material Viktor Dukhovni
- Re: [TLS] TLS interim meeting material Paul Wouters